
package com.itheima.reggie.filter;

import com.alibaba.fastjson.JSON;
import com.itheima.reggie.common.R;
import com.itheima.reggie.common.UserHolder;
import com.itheima.reggie.entity.Employee;
import lombok.extern.slf4j.Slf4j;
import org.apache.catalina.User;
import org.springframework.util.AntPathMatcher;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Slf4j
@WebFilter("/*")
public class LoginCheckFilter implements Filter {
    //路径匹配器AntPathMatcher，支持通配符
    private AntPathMatcher antPathMatcher = new AntPathMatcher();
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
                         FilterChain filterChain) throws IOException, ServletException {
        //强转
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        //设置可放行的资源路径
        String[] urls = new String[]{
                "/backend/**",
                "/front/**",
                "/employee/login",
                "/employee/logout",
                "/common/**",
                "/user/sendMsg",//移动端发送短信
                "/user/login"   //移动端登录
        };
        //获取本次的请求的请求路径URI
        String requestURI = httpServletRequest.getRequestURI();
        log.info("拦截到请求：{}", requestURI);
        //遍历可放行的资源路径数组，并于获取到的请求路径进行比较
        for (String url : urls) {
            //比较
            boolean match = antPathMatcher.match(url, requestURI);
            if (match) {
                //属于放行资源，放行
                log.info("本次请求{}不需要拦截", requestURI);
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            }
        }//不属于可放行资源，需要验证是否登录
        //若登录，则放行（后台员工系统）
        if (httpServletRequest.getSession().getAttribute("employee") != null) {
            log.info("用户已登录，用户信息为：{}",
                    httpServletRequest.getSession().getAttribute("employee").toString());
            Employee employee = (Employee) httpServletRequest.getSession().getAttribute("employee");
            //静态，用类名调用；
            UserHolder.set(employee.getId());
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        //若登录，则放行（前端用户系统）
        if (httpServletRequest.getSession().getAttribute("user") != null) {
            log.info("用户已登录，用户信息为：{}",
                    httpServletRequest.getSession().getAttribute("user").toString());
           // Long userId = (Long) httpServletRequest.getSession().getAttribute("user");
            Long userId = (Long) httpServletRequest.getSession().getAttribute("user");
            //静态，用类名调用；
            UserHolder.set(userId);
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        //未登录，拦截，并返回未登录页面
        log.info("用户未登录");
        httpServletResponse.getWriter().write(JSON.toJSONString(R.error("NOTLOGIN")));
        return;
    }
}






